[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.0' (ECDSA) to the list of known hosts. 2020/05/21 14:13:51 fuzzer started 2020/05/21 14:13:51 dialing manager at 10.128.0.26:33907 2020/05/21 14:13:51 syscalls: 3005 2020/05/21 14:13:51 code coverage: enabled 2020/05/21 14:13:51 comparison tracing: enabled 2020/05/21 14:13:51 extra coverage: enabled 2020/05/21 14:13:51 setuid sandbox: enabled 2020/05/21 14:13:51 namespace sandbox: enabled 2020/05/21 14:13:51 Android sandbox: /sys/fs/selinux/policy does not exist 2020/05/21 14:13:51 fault injection: enabled 2020/05/21 14:13:51 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/05/21 14:13:51 net packet injection: enabled 2020/05/21 14:13:51 net device setup: enabled 2020/05/21 14:13:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/05/21 14:13:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/05/21 14:13:51 USB emulation: /dev/raw-gadget does not exist 14:15:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syzkaller login: [ 135.969220][ T7101] IPVS: ftp: loaded support on port[0] = 21 14:15:03 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f00000002c0)=[{0x6}]}) [ 136.160273][ T7101] chnl_net:caif_netlink_parms(): no params data found [ 136.274560][ T7208] IPVS: ftp: loaded support on port[0] = 21 [ 136.301101][ T7101] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.325422][ T7101] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.333608][ T7101] device bridge_slave_0 entered promiscuous mode [ 136.368877][ T7101] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.376381][ T7101] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.384575][ T7101] device bridge_slave_1 entered promiscuous mode 14:15:04 executing program 2: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='mqueue\x00', 0x0, 0x0) [ 136.458148][ T7101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 136.498904][ T7101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 136.549330][ T7101] team0: Port device team_slave_0 added [ 136.572155][ T7101] team0: Port device team_slave_1 added [ 136.670380][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.687315][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.716741][ T7101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.756854][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_1 14:15:04 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x2c}}, 0x10) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x1277, &(0x7f0000000000)={0x20008000, 0x0, 0x800000000000, 0x8}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_group_source_req(r2, 0x0, 0x16, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) [ 136.763830][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.796429][ T7101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.824424][ T7303] IPVS: ftp: loaded support on port[0] = 21 [ 136.832986][ T7208] chnl_net:caif_netlink_parms(): no params data found [ 136.949578][ T7101] device hsr_slave_0 entered promiscuous mode [ 137.027964][ T7101] device hsr_slave_1 entered promiscuous mode 14:15:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x4000) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f00000001c0)={0xd8, 0x0, 0x0, 0x41275301, 0x36ff1, 0x8000000, [0x0, 0x0, 0x20800]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x8138ae83, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x44) [ 137.117982][ T7384] IPVS: ftp: loaded support on port[0] = 21 [ 137.187999][ T7208] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.196845][ T7208] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.206504][ T7208] device bridge_slave_0 entered promiscuous mode [ 137.252224][ T7208] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.262652][ T7208] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.277713][ T7208] device bridge_slave_1 entered promiscuous mode [ 137.414305][ T7208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.457792][ T7208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.493857][ T7445] IPVS: ftp: loaded support on port[0] = 21 [ 137.514882][ T7303] chnl_net:caif_netlink_parms(): no params data found [ 137.582672][ T7208] team0: Port device team_slave_0 added [ 137.622480][ T7208] team0: Port device team_slave_1 added [ 137.676130][ T7208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 137.683725][ T7208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.717357][ T7208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active 14:15:05 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0xfc, 0x0, 0x0, 0xffffffffffff8001, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x6ab5d78f8d69033f) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000200)) dup3(r2, r3, 0x0) dup2(r0, r4) [ 137.789894][ T7208] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.797500][ T7208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.826728][ T7208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.914938][ T7303] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.923555][ T7303] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.932925][ T7303] device bridge_slave_0 entered promiscuous mode [ 138.001514][ T7303] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.018253][ T7303] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.028267][ T7303] device bridge_slave_1 entered promiscuous mode [ 138.098070][ T7208] device hsr_slave_0 entered promiscuous mode [ 138.135747][ T7208] device hsr_slave_1 entered promiscuous mode [ 138.175469][ T7208] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 138.184055][ T7208] Cannot create hsr debugfs directory [ 138.214107][ T7101] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 138.270111][ T7101] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 138.358334][ T7101] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 138.410695][ T7101] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 138.485494][ T7303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.511631][ T7303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.539535][ T7384] chnl_net:caif_netlink_parms(): no params data found [ 138.556824][ T7689] IPVS: ftp: loaded support on port[0] = 21 [ 138.660552][ T7445] chnl_net:caif_netlink_parms(): no params data found [ 138.683005][ T7303] team0: Port device team_slave_0 added [ 138.736183][ T7303] team0: Port device team_slave_1 added [ 138.804911][ T7384] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.814405][ T7384] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.826188][ T7384] device bridge_slave_0 entered promiscuous mode [ 138.860084][ T7384] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.868409][ T7384] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.877505][ T7384] device bridge_slave_1 entered promiscuous mode [ 138.909256][ T7303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.916434][ T7303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.944049][ T7303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.991855][ T7303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.000737][ T7303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.027963][ T7303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.046597][ T7384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.086579][ T7384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.167621][ T7384] team0: Port device team_slave_0 added [ 139.182736][ T7445] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.189963][ T7445] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.199094][ T7445] device bridge_slave_0 entered promiscuous mode [ 139.269149][ T7303] device hsr_slave_0 entered promiscuous mode [ 139.315690][ T7303] device hsr_slave_1 entered promiscuous mode [ 139.365580][ T7303] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.373979][ T7303] Cannot create hsr debugfs directory [ 139.393015][ T7384] team0: Port device team_slave_1 added [ 139.403453][ T7445] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.410949][ T7445] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.419361][ T7445] device bridge_slave_1 entered promiscuous mode [ 139.454590][ T7208] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 139.520946][ T7208] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 139.588888][ T7208] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 139.687672][ T7689] chnl_net:caif_netlink_parms(): no params data found [ 139.703104][ T7208] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 139.739997][ T7445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.773306][ T7384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.781120][ T7384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.810225][ T7384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.823683][ T7445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.839191][ T7384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.846421][ T7384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.875075][ T7384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.964608][ T7445] team0: Port device team_slave_0 added [ 140.010205][ T7689] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.019021][ T7689] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.030644][ T7689] device bridge_slave_0 entered promiscuous mode [ 140.053161][ T7445] team0: Port device team_slave_1 added [ 140.081350][ T7101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.090943][ T7689] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.099445][ T7689] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.109176][ T7689] device bridge_slave_1 entered promiscuous mode [ 140.179054][ T7384] device hsr_slave_0 entered promiscuous mode [ 140.225807][ T7384] device hsr_slave_1 entered promiscuous mode [ 140.275992][ T7384] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.283602][ T7384] Cannot create hsr debugfs directory [ 140.341799][ T7445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 140.350863][ T7445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.379013][ T7445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.426352][ T7689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.437365][ T7445] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.445125][ T7445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.472982][ T7445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.503803][ T7689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.529732][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 140.539541][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 140.638005][ T7445] device hsr_slave_0 entered promiscuous mode [ 140.655683][ T7445] device hsr_slave_1 entered promiscuous mode [ 140.706257][ T7445] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.713832][ T7445] Cannot create hsr debugfs directory [ 140.723948][ T7101] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.799647][ T7689] team0: Port device team_slave_0 added [ 140.832294][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 140.841482][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 140.850898][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.858348][ T2881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.883363][ T7689] team0: Port device team_slave_1 added [ 140.909221][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 140.918582][ T7303] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 140.979807][ T7303] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 141.033868][ T7303] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 141.129124][ T7303] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 141.150426][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 141.160940][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 141.170077][ T2881] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.177270][ T2881] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.190140][ T7689] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.198211][ T7689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.227245][ T7689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.245637][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 141.259684][ T7689] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.268773][ T7689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.296913][ T7689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 141.323622][ T7208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.354440][ T7384] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 141.411270][ T7384] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 141.482499][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 141.504949][ T7384] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 141.528322][ T7384] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 141.597481][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 141.611674][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 141.631609][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 141.708284][ T7689] device hsr_slave_0 entered promiscuous mode [ 141.766662][ T7689] device hsr_slave_1 entered promiscuous mode [ 141.825547][ T7689] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 141.834002][ T7689] Cannot create hsr debugfs directory [ 141.843635][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 141.857666][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 141.867277][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 141.876634][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 141.886071][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 141.893980][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 141.924548][ T7101] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 141.937510][ T7101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 141.971704][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 141.981996][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 142.005084][ T7208] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.074990][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 142.086662][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 142.095152][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.102561][ T2881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.110753][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 142.120260][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 142.130973][ T2881] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.138178][ T2881] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.146248][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 142.191076][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.200620][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.239539][ T7101] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 142.251741][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 142.263061][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 142.271381][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 142.282847][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 142.292268][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 142.302565][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 142.316587][ T7445] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 142.371687][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 142.380799][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 142.392284][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 142.403444][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 142.419425][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 142.431105][ T7445] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 142.491297][ T7445] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 142.590942][ T7445] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 142.638278][ T7208] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 142.716376][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 142.725165][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 142.766039][ T7384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.803443][ T7303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.812178][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 142.821553][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 142.829923][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 142.839420][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 142.849658][ T7689] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 142.910167][ T7101] device veth0_vlan entered promiscuous mode [ 142.923577][ T7208] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 142.936825][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 142.946695][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 142.956483][ T7689] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 142.988708][ T7689] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 143.061074][ T7689] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 143.134187][ T7101] device veth1_vlan entered promiscuous mode [ 143.156510][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 143.169201][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 143.179826][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 143.188776][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 143.197731][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 143.219106][ T7384] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.229908][ T7303] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.264249][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 143.277468][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 143.288931][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 143.298300][ T3404] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.305666][ T3404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.314328][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.323696][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 143.332369][ T3404] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.339964][ T3404] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.348854][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.358106][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 143.368742][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 143.378023][ T3404] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.385233][ T3404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.394491][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 143.403480][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 143.452659][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 143.461456][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 143.471634][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.483013][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.496790][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 143.506610][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.513676][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.521733][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 143.531035][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 143.586227][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 143.598924][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.611815][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.623969][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 143.633640][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 143.643048][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 143.653372][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 143.666212][ T7101] device veth0_macvtap entered promiscuous mode [ 143.704192][ T7208] device veth0_vlan entered promiscuous mode [ 143.726643][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 143.735063][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 143.744985][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 143.754805][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 143.764367][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 143.775915][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 143.786366][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 143.794826][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 143.804713][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 143.813730][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 143.822918][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 143.832036][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 143.842952][ T7101] device veth1_macvtap entered promiscuous mode [ 143.869900][ T7208] device veth1_vlan entered promiscuous mode [ 143.879746][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 143.887872][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 143.896415][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 143.904823][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 143.917347][ T7303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 143.939693][ T7445] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.964076][ T7384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.977601][ T7384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 144.017707][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 144.026933][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 144.068690][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.085064][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.098179][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 144.106500][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 144.114179][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 144.124034][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 144.133563][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 144.143124][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 144.191853][ T7384] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.202040][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 144.214321][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 144.224759][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 144.234301][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 144.244988][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 144.254089][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 144.266072][ T7208] device veth0_macvtap entered promiscuous mode [ 144.318599][ T7445] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.331822][ T7303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.344820][ T7208] device veth1_macvtap entered promiscuous mode [ 144.370345][ T7689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.530937][ T8355] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 144.562268][ T7689] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.583421][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 144.601354][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 144.620416][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 144.633435][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 144.652372][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.660183][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.679105][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 144.693884][ T8355] kvm [8354]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000040 [ 144.710228][ T8355] kvm [8354]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000048 [ 144.721502][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 144.745218][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.752690][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.769195][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 144.781632][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 144.794836][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 144.811766][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 14:15:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 144.909411][ T7208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 144.923256][ T7208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.975487][ T7208] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.981390][ T8370] kvm [8369]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000040 [ 144.992125][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 145.006340][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.034764][ T8370] kvm [8369]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000048 [ 145.050326][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.063083][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.073256][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.083181][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 145.092909][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 145.107679][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 145.117248][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 145.146527][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 145.189771][ T7208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 145.205425][ T7208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.222585][ T7208] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.240804][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.249889][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.265175][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 145.274013][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 145.282961][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.294781][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.307517][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.314577][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.323017][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 145.331886][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 145.341105][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 145.350860][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 145.360631][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.367877][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.376068][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready 14:15:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 145.384947][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 145.399340][ T7303] device veth0_vlan entered promiscuous mode [ 145.477488][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 145.488251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 145.507751][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 145.525789][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 145.534711][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 145.562198][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.571432][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 145.598484][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 145.616611][ T7445] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 145.635102][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 145.644016][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready 14:15:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 145.690360][ T7384] device veth0_vlan entered promiscuous mode [ 145.807046][ T7303] device veth1_vlan entered promiscuous mode [ 145.826071][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 145.844188][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.879807][ T8390] kvm [8389]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000040 [ 145.882230][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.915574][ T8390] kvm [8389]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000048 [ 145.915682][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.949630][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 145.976287][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.012823][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.025013][ T27] audit: type=1326 audit(1590070513.752:2): auid=0 uid=0 gid=0 ses=4 subj==unconfined pid=8396 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0 [ 146.104272][ T7384] device veth1_vlan entered promiscuous mode [ 146.132770][ T7303] device veth0_macvtap entered promiscuous mode 14:15:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 146.162247][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.177011][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.200728][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 146.214343][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 146.224999][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 146.245183][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 146.264920][ T7689] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 146.281019][ T7689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.320278][ T7445] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.347749][ T8403] kvm [8402]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 146.364628][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 146.365450][ T8403] kvm [8402]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 146.378201][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.391825][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.436754][ T8403] kvm [8402]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 146.448976][ T7303] device veth1_macvtap entered promiscuous mode 14:15:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 146.479322][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 146.490250][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 146.505749][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 146.518398][ T7384] device veth0_macvtap entered promiscuous mode [ 146.590451][ T7384] device veth1_macvtap entered promiscuous mode [ 146.615702][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 146.623888][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 146.636020][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 146.643972][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 146.672003][ T7689] 8021q: adding VLAN 0 to HW filter on device batadv0 14:15:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:14 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f00000002c0)=[{0x6}]}) [ 146.686833][ T7303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 146.725609][ T7303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.770035][ T7303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 146.802994][ T7303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.840048][ T7303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.875953][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready 14:15:14 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x4000) socket(0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f00000001c0)={0xd8, 0x0, 0x0, 0x41275301, 0x36ff1, 0x8000000, [0x0, 0x0, 0x20800]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8907, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x44) [ 146.893825][ T2881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 146.929258][ T7303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 146.969703][ T8425] kvm [8423]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000007 [ 146.978780][ T7303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.036390][ T7303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 147.056507][ T7303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.075078][ T7303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.087590][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 147.118845][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.131104][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 147.143817][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.158818][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 147.171327][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.184532][ T7384] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.199845][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 147.217759][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.239438][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 147.279770][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.324188][ T7384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 147.337268][ T7384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.353672][ T7384] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.364762][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 147.377185][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 147.387678][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 147.419314][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 147.453716][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 147.464258][ T0] NOHZ: local_softirq_pending 08 [ 147.479417][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 147.536549][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 147.546671][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 14:15:15 executing program 2: [ 147.844166][ T7445] device veth0_vlan entered promiscuous mode [ 147.874668][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 147.884345][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 147.903756][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 147.913383][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 147.994081][ T7445] device veth1_vlan entered promiscuous mode [ 148.035747][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 148.043921][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 148.060999][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 148.072390][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 148.093996][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 148.108847][ C1] hrtimer: interrupt took 102228 ns [ 148.118992][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 148.134415][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 148.154749][ T7689] device veth0_vlan entered promiscuous mode [ 148.231900][ T7689] device veth1_vlan entered promiscuous mode [ 148.289419][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 148.306567][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 148.314928][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.326825][ T2758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 148.343831][ T7445] device veth0_macvtap entered promiscuous mode [ 148.394626][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 148.404513][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 148.422063][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.431877][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 148.448747][ T7445] device veth1_macvtap entered promiscuous mode [ 148.463285][ T7689] device veth0_macvtap entered promiscuous mode [ 148.477766][ T7689] device veth1_macvtap entered promiscuous mode [ 148.522594][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.533327][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.544426][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.556256][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.567157][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.580902][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.591759][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.602497][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.616007][ T7689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.625235][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.640982][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.651822][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.670982][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.682835][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.699773][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.711323][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.727181][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.741773][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 148.754620][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.767582][ T7445] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.790754][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 148.799079][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 148.809356][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 148.821740][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 148.831721][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 148.842761][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 148.855838][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.866409][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 148.877013][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 14:15:16 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x2c}}, 0x10) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x1277, &(0x7f0000000000)={0x20008000, 0x0, 0x800000000000, 0x8}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_group_source_req(r2, 0x0, 0x16, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) [ 148.888180][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 148.922030][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.932617][ T7689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 148.966423][ T7689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.987458][ T7689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.032182][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 149.042547][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 149.069649][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 149.080624][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.095543][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 149.132731][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.158024][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 149.177154][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.193015][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 149.211337][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.223564][ T7445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 149.238173][ T7445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.251014][ T7445] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.276883][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 149.285862][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 14:15:17 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x2c}}, 0x10) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x1277, &(0x7f0000000000)={0x20008000, 0x0, 0x800000000000, 0x8}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_group_source_req(r2, 0x0, 0x16, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) 14:15:17 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0xfc, 0x0, 0x0, 0xffffffffffff8001, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x6ab5d78f8d69033f) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000200)) dup3(r2, r3, 0x0) dup2(r0, r4) 14:15:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:17 executing program 2: 14:15:17 executing program 1: 14:15:17 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x2c}}, 0x10) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x1277, &(0x7f0000000000)={0x20008000, 0x0, 0x800000000000, 0x8}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_group_source_req(r2, 0x0, 0x16, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) 14:15:17 executing program 1: 14:15:17 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]}) rmdir(&(0x7f0000000300)='./file0\x00') symlink(&(0x7f0000000100)='./file1\x00', &(0x7f00000002c0)='./bus/file0\x00') 14:15:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:18 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x16, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) 14:15:18 executing program 5: [ 150.604176][ T8514] overlayfs: overlapping upperdir path [ 150.714306][ T8517] overlayfs: failed to verify upper (3/file0, ino=15776, err=-116) [ 150.790266][ T8517] overlayfs: failed to verify index dir 'upper' xattr 14:15:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:18 executing program 4: [ 150.868741][ T8517] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. 14:15:18 executing program 5: 14:15:18 executing program 2: 14:15:18 executing program 3: 14:15:18 executing program 4: 14:15:18 executing program 5: 14:15:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:18 executing program 2: 14:15:19 executing program 4: 14:15:19 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x17a) ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000280)) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [], 0x0, 0x8}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000740)=0x200, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x1, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b66577017e1e49e64907d5dd5749393ad08f139a68f00"}, 0xd8) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xb880}], 0xa, &(0x7f0000000200)=""/20, 0x14, 0xb01001f1}, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000900)={0x0, "272d1e1709113b53f1254c0431bd17083fc8ea99474deaefb263a8e3e5aefb4f4bc6f3614b547f6706f9402affb499254f919225b247d3a8d0f3309f9f5de205e1c7d04067a6c06cfc971979fc9193471a80d9444dff31339edaff6c6d2622f0045e8d7fb20f1c3547b0dba76e1c59c69bda30d7870cabe77a1a047dd0b8740b372843275b3f6a81027cd128c2d8bf2a3b1ec3aed306c14dd5e23aa1d61e325f6c9f8b6a231b286774e2443f4b288948225954041f969f2b18a037aa9fb7f0d4ed1f786bf8607e5662e77bc936be72050a58df55c4ea43c43e95db7521b800c2ec53938ea2e4d9b3bd18632c53b3abad220be1d8bec93f81e009b4fc9a2259597da2bde0dc0dcb820a326eb1c614f63a50bcc366a076b97a50c663c41a6a335b7573cc787f41378b3c6610d2a5009df95dbbcce16fa044df02b096dbf930a3dd747bc3d637175c2cd59aa748785ff5a5ae8cd6f10398bc694027f948f201e7f3b211f0d4399e0d620b28e74de7c29c44d37e2032a80ee16d5e2771097caf7a043852dd76629a8596af349953e3a9f622efdbf56c6fe9b64f00f506eb3df8307d368b603cd87ad80158c96ff2fd8a19b97e3151c4684e9e29a5a81617758df7d67264bda173c5e66c4216bb533fe3f8699519c0e3aaf04b00df94931a2be928ae7a2011c5778ba29b15cf1bd447b997be2e841ea520ace405f995335080df16d4"}) openat$nvram(0xffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x81e03b701daec94f, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x16, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) 14:15:19 executing program 3: 14:15:19 executing program 2: 14:15:19 executing program 5: 14:15:19 executing program 4: 14:15:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:19 executing program 2: 14:15:19 executing program 5: 14:15:19 executing program 4: 14:15:19 executing program 3: 14:15:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:19 executing program 4: 14:15:20 executing program 1: 14:15:20 executing program 5: 14:15:20 executing program 2: 14:15:20 executing program 3: 14:15:20 executing program 4: 14:15:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:20 executing program 5: 14:15:20 executing program 2: 14:15:20 executing program 3: 14:15:20 executing program 4: 14:15:20 executing program 1: 14:15:20 executing program 5: [ 152.749981][ T8598] kvm_hv_get_msr: 2 callbacks suppressed [ 152.749994][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000040 [ 152.776459][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000048 [ 152.785273][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000005f 14:15:20 executing program 1: 14:15:20 executing program 4: 14:15:20 executing program 3: 14:15:20 executing program 2: [ 152.850683][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000085 14:15:20 executing program 5: [ 152.908311][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000061 [ 152.962770][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000079 [ 152.999532][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000075 [ 153.040384][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000005b 14:15:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:20 executing program 4: 14:15:20 executing program 1: 14:15:20 executing program 3: 14:15:20 executing program 2: 14:15:20 executing program 5: [ 153.100145][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000085 [ 153.121308][ T8598] kvm [8594]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x4000007d 14:15:21 executing program 4: 14:15:21 executing program 5: 14:15:21 executing program 3: 14:15:21 executing program 2: 14:15:21 executing program 1: 14:15:21 executing program 5: 14:15:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:21 executing program 4: 14:15:21 executing program 2: 14:15:21 executing program 3: 14:15:21 executing program 1: 14:15:21 executing program 5: 14:15:21 executing program 1: 14:15:21 executing program 3: 14:15:21 executing program 2: 14:15:21 executing program 4: 14:15:21 executing program 5: 14:15:21 executing program 2: 14:15:21 executing program 1: 14:15:21 executing program 4: 14:15:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000700)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:15:21 executing program 3: 14:15:21 executing program 5: 14:15:21 executing program 2: 14:15:21 executing program 1: 14:15:21 executing program 4: 14:15:21 executing program 3: [ 154.100600][ T8656] ================================================================== [ 154.109270][ T8656] BUG: KASAN: slab-out-of-bounds in kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 154.119709][ T8656] Read of size 8 at addr ffff88809ff9c468 by task syz-executor.0/8656 [ 154.128940][ T8656] [ 154.131292][ T8656] CPU: 1 PID: 8656 Comm: syz-executor.0 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 [ 154.142615][ T8656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.154294][ T8656] Call Trace: [ 154.157601][ T8656] dump_stack+0x188/0x20d [ 154.162059][ T8656] print_address_description.constprop.0.cold+0xd3/0x315 [ 154.169135][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 154.175676][ T8656] __kasan_report.cold+0x35/0x4d [ 154.180643][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 154.186823][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 154.192514][ T8656] kasan_report+0x33/0x50 [ 154.196873][ T8656] kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 154.202577][ T8656] try_async_pf+0x12b/0xac0 [ 154.207101][ T8656] ? ept_gva_to_gpa+0x1e0/0x1e0 [ 154.212062][ T8656] ? mark_held_locks+0x9f/0xe0 [ 154.216928][ T8656] ? mmu_topup_memory_caches+0x325/0x460 [ 154.222671][ T8656] direct_page_fault+0x27d/0x1d70 [ 154.227897][ T8656] ? kvm_mmu_get_page+0x1e70/0x1e70 [ 154.233112][ T8656] ? kvm_mtrr_check_gfn_range_consistency+0x254/0x2e0 [ 154.240091][ T8656] ? kvm_vcpu_mtrr_init+0x70/0x70 [ 154.245867][ T8656] kvm_mmu_page_fault+0x187/0x15d0 14:15:21 executing program 3: [ 154.251266][ T8656] ? kvm_deliver_exception_payload+0x42/0x1a0 [ 154.257902][ T8656] ? kvm_multiple_exception+0x51e/0x720 [ 154.263919][ T8656] ? kvm_nx_lpage_recovery_worker+0x790/0x790 [ 154.271038][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 154.277054][ T8656] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 154.283316][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 154.289055][ T8656] ? handle_ept_violation+0x206/0x550 [ 154.294833][ T8656] ? vmx_inject_irq+0x5b0/0x5b0 14:15:22 executing program 4: [ 154.299699][ T8656] vmx_handle_exit+0x2b8/0x1700 [ 154.304636][ T8656] vcpu_enter_guest+0xfea/0x59d0 [ 154.309588][ T8656] ? vmx_vcpu_load_vmcs+0x960/0x960 [ 154.314919][ T8656] ? kvm_vcpu_reload_apic_access_page+0x300/0x300 [ 154.321463][ T8656] ? kvm_arch_vcpu_ioctl_run+0x23a/0x16e0 [ 154.327302][ T8656] ? lock_release+0x800/0x800 [ 154.332094][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 154.338228][ T8656] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 154.344229][ T8656] ? lockdep_hardirqs_on+0x463/0x620 [ 154.349822][ T8656] ? kvm_arch_vcpu_ioctl_run+0x3fb/0x16e0 [ 154.356523][ T8656] ? kvm_arch_vcpu_ioctl_run+0x27b/0x16e0 [ 154.362260][ T8656] kvm_arch_vcpu_ioctl_run+0x3fb/0x16e0 [ 154.367842][ T8656] kvm_vcpu_ioctl+0x493/0xe60 [ 154.372559][ T8656] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 154.379081][ T8656] ? ioctl_file_clone+0x180/0x180 [ 154.384130][ T8656] ? __fget_files+0x32f/0x500 [ 154.388832][ T8656] ? do_dup2+0x520/0x520 [ 154.393479][ T8656] ? __x64_sys_futex+0x380/0x4f0 [ 154.398534][ T8656] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 154.405058][ T8656] ksys_ioctl+0x11a/0x180 [ 154.409412][ T8656] __x64_sys_ioctl+0x6f/0xb0 [ 154.414034][ T8656] ? lockdep_hardirqs_on+0x463/0x620 [ 154.419516][ T8656] do_syscall_64+0xf6/0x7d0 [ 154.424040][ T8656] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 154.429945][ T8656] RIP: 0033:0x45ca29 14:15:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x2, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000680)=""/244, 0xf4, 0x14002, 0x0, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x8000000000000, 0x40, &(0x7f00000007c0)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000020000000300000040020000d800000000000000d800000000000000d8000000a8010000a80100a8010000a8010000030000000000000000000000ffff09ffac1e000100000000000a0a1a516469ef6f65746170300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b800d8"], 0x1) dup(r2) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000013c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc}]}]}]}, 0x34}}, 0x0) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="50010000", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="080003000300000008000300010000000c00018008000100", @ANYBLOB="2800018008000100", @ANYRES32=0x0, @ANYBLOB="1400020065727350616e3000000000000000000008000300020000000c000180081003000200000018000180140002006361696630000000000000000000000068000180080003000300000014000247d34cd84f5a7c19d164c30d6f23006d616376746170300000000000000000080003008a012fa908000100", @ANYRES32=r3, @ANYBLOB="08000300000000000800030002000000140002007663616e300000000000000000000000140002006261746164765f736c6176655f31000020000180140002006261746164765f736c6176655f3000000800030000000000"], 0x150}}, 0x20000081) write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000000060bc7d94004c2c00fe8000000000002005121300000000aaff0200000000000000000000000000012f00000000000000042065580000000000000800000086dd080002ab88be00000000100000000100000000000000080022eb007f0900000000000000000100000000000000"], 0x7e) sendmsg(0xffffffffffffffff, 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, &(0x7f0000000180)=""/35, &(0x7f0000000240)=0x23) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, @generic={0x2b, "e58a7768a83c7936514e511bcefc"}, @nl=@proc={0x10, 0x0, 0x25dfdbff}, @phonet={0x23, 0x0, 0x2, 0x20}, 0x3ff, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)='vlan1\x00', 0x0, 0xfff, 0x7}) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0xffffffffffffffff, 0x6c}, &(0x7f0000001fee)='R\x05rist\xe3cusgrVid:De', 0x0) [ 154.433893][ T8656] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 154.454677][ T8656] RSP: 002b:00007fbd86e17c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.463402][ T8656] RAX: ffffffffffffffda RBX: 00000000004e7fc0 RCX: 000000000045ca29 [ 154.471414][ T8656] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 154.479425][ T8656] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 154.487500][ T8656] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 154.495626][ T8656] R13: 00000000000003c6 R14: 00000000004c6703 R15: 00007fbd86e186d4 [ 154.504070][ T8656] [ 154.507886][ T8656] Allocated by task 8656: [ 154.512319][ T8656] save_stack+0x1b/0x40 [ 154.517266][ T8656] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 154.522943][ T8656] kvmalloc_node+0x61/0xf0 [ 154.527374][ T8656] kvm_set_memslot+0x115/0x1530 [ 154.532248][ T8656] __kvm_set_memory_region+0xcf7/0x1320 [ 154.537805][ T8656] __x86_set_memory_region+0x2a3/0x5a0 [ 154.543272][ T8656] vmx_create_vcpu+0x2107/0x2b40 [ 154.548228][ T8656] kvm_arch_vcpu_create+0x6ef/0xb80 [ 154.553529][ T8656] kvm_vm_ioctl+0x1614/0x2400 [ 154.558227][ T8656] ksys_ioctl+0x11a/0x180 [ 154.562603][ T8656] __x64_sys_ioctl+0x6f/0xb0 [ 154.567215][ T8656] do_syscall_64+0xf6/0x7d0 [ 154.571990][ T8656] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 154.577898][ T8656] [ 154.580335][ T8656] Freed by task 4146: [ 154.585046][ T8656] save_stack+0x1b/0x40 [ 154.589213][ T8656] __kasan_slab_free+0xf7/0x140 [ 154.594107][ T8656] kfree+0x109/0x2b0 [ 154.598014][ T8656] skb_free_head+0x8b/0xa0 [ 154.602441][ T8656] skb_release_data+0x617/0x8a0 [ 154.607323][ T8656] skb_release_all+0x46/0x60 [ 154.611921][ T8656] kfree_skb+0xfa/0x410 [ 154.616065][ T8656] geneve_udp_encap_recv+0x243/0x2370 [ 154.621527][ T8656] udp_queue_rcv_one_skb+0xb35/0x17a0 [ 154.626889][ T8656] udp_queue_rcv_skb+0x125/0x850 [ 154.631816][ T8656] udp_unicast_rcv_skb.isra.0+0xb4/0x350 [ 154.637519][ T8656] __udp4_lib_rcv+0xfec/0x2ea0 [ 154.642267][ T8656] ip_protocol_deliver_rcu+0x57/0x880 [ 154.647675][ T8656] ip_local_deliver_finish+0x220/0x360 [ 154.653148][ T8656] ip_local_deliver+0x1c8/0x4e0 [ 154.658003][ T8656] ip_rcv_finish+0x1da/0x2f0 [ 154.662613][ T8656] ip_rcv+0xd0/0x3c0 [ 154.666503][ T8656] __netif_receive_skb_one_core+0xf5/0x160 [ 154.672302][ T8656] __netif_receive_skb+0x27/0x1c0 [ 154.677311][ T8656] process_backlog+0x21e/0x7a0 [ 154.682082][ T8656] net_rx_action+0x4c2/0x1070 [ 154.686830][ T8656] __do_softirq+0x26c/0x9f7 [ 154.691311][ T8656] [ 154.693934][ T8656] The buggy address belongs to the object at ffff88809ff9c000 [ 154.693934][ T8656] which belongs to the cache kmalloc-2k of size 2048 [ 154.707999][ T8656] The buggy address is located 1128 bytes inside of [ 154.707999][ T8656] 2048-byte region [ffff88809ff9c000, ffff88809ff9c800) [ 154.721520][ T8656] The buggy address belongs to the page: [ 154.727141][ T8656] page:ffffea00027fe700 refcount:1 mapcount:0 mapping:00000000c29c930f index:0x0 [ 154.736420][ T8656] flags: 0xfffe0000000200(slab) [ 154.741265][ T8656] raw: 00fffe0000000200 ffffea00027e25c8 ffffea0002895748 ffff8880aa000e00 [ 154.749935][ T8656] raw: 0000000000000000 ffff88809ff9c000 0000000100000001 0000000000000000 [ 154.758610][ T8656] page dumped because: kasan: bad access detected [ 154.765037][ T8656] [ 154.767369][ T8656] Memory state around the buggy address: [ 154.773011][ T8656] ffff88809ff9c300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 154.781075][ T8656] ffff88809ff9c380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 154.789123][ T8656] >ffff88809ff9c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc 14:15:22 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x64c043, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x4000) socket(0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = creat(&(0x7f0000000240)='./bus\x00', 0x0) ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f00000001c0)={0xd8, 0x0, 0x0, 0x41275301, 0x36ff1, 0x8000000, [0x0, 0x0, 0x20800]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.controllers\x00', 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x8138ae83, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x41275301, 0x36ff1, 0x8000000, [0x0, 0x0, 0x20800]}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8907, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000020000000800"/68], 0x44) 14:15:22 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000002680)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0) [ 154.799090][ T8656] ^ [ 154.806528][ T8656] ffff88809ff9c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.814681][ T8656] ffff88809ff9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.822740][ T8656] ================================================================== [ 154.830804][ T8656] Disabling lock debugging due to kernel taint [ 154.959371][ T8656] Kernel panic - not syncing: panic_on_warn set ... [ 154.965997][ T8656] CPU: 0 PID: 8656 Comm: syz-executor.0 Tainted: G B 5.7.0-rc1-next-20200415-syzkaller #0 [ 154.977181][ T8656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.987239][ T8656] Call Trace: [ 154.990563][ T8656] dump_stack+0x188/0x20d [ 154.994992][ T8656] panic+0x2e3/0x75c [ 154.999065][ T8656] ? add_taint.cold+0x16/0x16 [ 155.003751][ T8656] ? preempt_schedule_common+0x5e/0xc0 [ 155.009220][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 155.014859][ T8656] ? preempt_schedule_thunk+0x16/0x18 [ 155.020234][ T8656] ? trace_hardirqs_on+0x55/0x220 [ 155.025266][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 155.030914][ T8656] end_report+0x4d/0x53 [ 155.035085][ T8656] __kasan_report.cold+0xd/0x4d [ 155.039983][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 155.045626][ T8656] ? kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 155.051351][ T8656] kasan_report+0x33/0x50 [ 155.055691][ T8656] kvm_vcpu_gfn_to_memslot+0x50e/0x540 [ 155.061673][ T8656] try_async_pf+0x12b/0xac0 [ 155.066196][ T8656] ? ept_gva_to_gpa+0x1e0/0x1e0 [ 155.071152][ T8656] ? mark_held_locks+0x9f/0xe0 [ 155.076068][ T8656] ? mmu_topup_memory_caches+0x325/0x460 [ 155.081831][ T8656] direct_page_fault+0x27d/0x1d70 [ 155.086872][ T8656] ? kvm_mmu_get_page+0x1e70/0x1e70 [ 155.092359][ T8656] ? kvm_mtrr_check_gfn_range_consistency+0x254/0x2e0 [ 155.099309][ T8656] ? kvm_vcpu_mtrr_init+0x70/0x70 [ 155.104441][ T8656] kvm_mmu_page_fault+0x187/0x15d0 [ 155.109683][ T8656] ? kvm_deliver_exception_payload+0x42/0x1a0 [ 155.116630][ T8656] ? kvm_multiple_exception+0x51e/0x720 [ 155.122825][ T8656] ? kvm_nx_lpage_recovery_worker+0x790/0x790 [ 155.129860][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 155.135414][ T8656] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 155.141404][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 155.147009][ T8656] ? handle_ept_violation+0x206/0x550 [ 155.152388][ T8656] ? vmx_inject_irq+0x5b0/0x5b0 [ 155.157335][ T8656] vmx_handle_exit+0x2b8/0x1700 [ 155.162231][ T8656] vcpu_enter_guest+0xfea/0x59d0 [ 155.167174][ T8656] ? vmx_vcpu_load_vmcs+0x960/0x960 [ 155.172384][ T8656] ? kvm_vcpu_reload_apic_access_page+0x300/0x300 [ 155.178890][ T8656] ? kvm_arch_vcpu_ioctl_run+0x23a/0x16e0 [ 155.184615][ T8656] ? lock_release+0x800/0x800 [ 155.189303][ T8656] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 155.194871][ T8656] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 155.200837][ T8656] ? lockdep_hardirqs_on+0x463/0x620 [ 155.206403][ T8656] ? kvm_arch_vcpu_ioctl_run+0x3fb/0x16e0 [ 155.212233][ T8656] ? kvm_arch_vcpu_ioctl_run+0x27b/0x16e0 [ 155.217970][ T8656] kvm_arch_vcpu_ioctl_run+0x3fb/0x16e0 [ 155.223524][ T8656] kvm_vcpu_ioctl+0x493/0xe60 [ 155.228191][ T8656] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 155.234935][ T8656] ? ioctl_file_clone+0x180/0x180 [ 155.239959][ T8656] ? __fget_files+0x32f/0x500 [ 155.244630][ T8656] ? do_dup2+0x520/0x520 [ 155.249273][ T8656] ? __x64_sys_futex+0x380/0x4f0 [ 155.254643][ T8656] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 155.261566][ T8656] ksys_ioctl+0x11a/0x180 [ 155.266450][ T8656] __x64_sys_ioctl+0x6f/0xb0 [ 155.271752][ T8656] ? lockdep_hardirqs_on+0x463/0x620 [ 155.278845][ T8656] do_syscall_64+0xf6/0x7d0 [ 155.284147][ T8656] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 155.290661][ T8656] RIP: 0033:0x45ca29 [ 155.294654][ T8656] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 155.314347][ T8656] RSP: 002b:00007fbd86e17c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.322782][ T8656] RAX: ffffffffffffffda RBX: 00000000004e7fc0 RCX: 000000000045ca29 [ 155.330742][ T8656] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 155.338779][ T8656] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 155.347291][ T8656] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 155.355359][ T8656] R13: 00000000000003c6 R14: 00000000004c6703 R15: 00007fbd86e186d4 [ 155.366151][ T8656] Kernel Offset: disabled [ 155.370506][ T8656] Rebooting in 86400 seconds..